II/ Improved compliance and enforcement policies

In order to help IT to enforce BitLocker protection even if the users postpone the encryption, it's possible to provide a grace period to automatically protect the volume. It's also possible to disable the postpone feature.

In addition if the PIN code is used, a policy could enforce it by avoiding weak PIN like: 123456, 654321, 456789, 222111, etc.

III/ Support for enterprise scenarios and topologies

It's now possible to use one MBAM infrastructure for trusted Active Directory Forest, which simplify the deployment by removing MBAM servers for each forest using the fully qualified name (FQDN).

The frequently asked feature appear, named high availability for each MBAM components: